This monitors that the alert manager feature in FEP 2010 Service has not reported an error.
This monitors that the alert manager feature in FEP 2010 Service has not reported an error.
This monitor is enabled by default.
The most common cause of this monitor failure is given in the Details section of the State Change Events tab.
Use the resolution described in the Details section of the State Change Events tab.
| Target | Microsoft.Fep2010.Monitoring.FepServiceFeatures |
| Parent Monitor | System.Health.AvailabilityState |
| Category | AvailabilityHealth |
| Enabled | True |
| Alert Generate | False |
| Alert Auto Resolve | False |
| Monitor Type | Microsoft.Windows.2SingleEventLog2StateMonitorType |
| Remotable | True |
| Accessibility | Public |
| RunAs | Default |
Home<UnitMonitor ID="Microsoft.Fep2010.Monitoring.FepServiceFeatures.Monitor.AlertManager.SuccessfulOperation" Accessibility="Public" Enabled="true" Target="Microsoft.Fep2010.Monitoring.FepServiceFeatures" ParentMonitorID="Health!System.Health.AvailabilityState" Remotable="true" Priority="Normal" TypeID="Windows!Microsoft.Windows.2SingleEventLog2StateMonitorType" ConfirmDelivery="true">
<Category>AvailabilityHealth</Category>
<OperationalStates>
<OperationalState ID="FirstEventRaised" MonitorTypeStateID="FirstEventRaised" HealthState="Error"/>
<OperationalState ID="SecondEventRaised" MonitorTypeStateID="SecondEventRaised" HealthState="Success"/>
</OperationalStates>
<Configuration>
<FirstComputerName>$Target/Host/Host/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/NetworkName$</FirstComputerName>
<FirstLogName>Forefront Endpoint Protection</FirstLogName>
<FirstExpression>
<And>
<Expression>
<SimpleExpression>
<ValueExpression>
<XPathQuery Type="UnsignedInteger">EventDisplayNumber</XPathQuery>
</ValueExpression>
<Operator>Equal</Operator>
<ValueExpression>
<Value Type="UnsignedInteger">3004</Value>
</ValueExpression>
</SimpleExpression>
</Expression>
<Expression>
<SimpleExpression>
<ValueExpression>
<XPathQuery Type="String">PublisherName</XPathQuery>
</ValueExpression>
<Operator>Equal</Operator>
<ValueExpression>
<Value Type="String">FepSrv</Value>
</ValueExpression>
</SimpleExpression>
</Expression>
</And>
</FirstExpression>
<SecondComputerName>$Target/Host/Host/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/NetworkName$</SecondComputerName>
<SecondLogName>Forefront Endpoint Protection</SecondLogName>
<SecondExpression>
<And>
<Expression>
<Or>
<Expression>
<SimpleExpression>
<ValueExpression>
<XPathQuery Type="UnsignedInteger">EventDisplayNumber</XPathQuery>
</ValueExpression>
<Operator>Equal</Operator>
<ValueExpression>
<Value Type="UnsignedInteger">1000</Value>
</ValueExpression>
</SimpleExpression>
</Expression>
<Expression>
<SimpleExpression>
<ValueExpression>
<XPathQuery Type="UnsignedInteger">EventDisplayNumber</XPathQuery>
</ValueExpression>
<Operator>Equal</Operator>
<ValueExpression>
<Value Type="UnsignedInteger">3005</Value>
</ValueExpression>
</SimpleExpression>
</Expression>
</Or>
</Expression>
<Expression>
<SimpleExpression>
<ValueExpression>
<XPathQuery Type="String">PublisherName</XPathQuery>
</ValueExpression>
<Operator>Equal</Operator>
<ValueExpression>
<Value Type="String">FepSrv</Value>
</ValueExpression>
</SimpleExpression>
</Expression>
</And>
</SecondExpression>
</Configuration>
</UnitMonitor>